370 Passwords You Shouldn’t (And Can’t) Use On Twitter

27 Dec 2009  //  8 comments  //  Internet Development

If you’re on Twitter, that means you registered an account with a password that isn’t terribly easy to guess. As you may know, Twitter prevents people from doing just that by indicating that certain passwords such as ‘password’ (cough cough) and ‘123456′ are too obvious to be picked.

It just so happens that Twitter has hard-coded all banned passwords on the sign-up page. All you need to do to retrieve the full list of unwelcome passwords is take a look at the source code of that page.

Do a simple search for ‘twttr.BANNED_PASSWORDS’ and voilà, there they are, all 370 of them.

This isn’t a security issue, of course, and in fact it’s helpful to distribute the list so you can check if your favorite password that you use for other services might not be as fail-proof as you’d like to think. For the full list, simply download this TXT file, but here are a couple:

- password

- testing

- naked

- stupid

- twitter

- 123456

- secret

- please

- beavis

- butthead

- internet

- hooters

What would be interesting to know is if Twitter got this list from somewhere else, or if they actually analyze which passwords were most commonly chosen by its tens of millions of users in the past, rendering them ‘too obvious’. If the latter, that means this list is probably representative of most Web services.

(Thanks to Dario Manoukian for the tip; a quick search turns up a post on The Wundercounter featuring the list too)

Crunch Network: CrunchBase the free database of technology companies, people, and investors

View full post on TechCrunch

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

This entry was posted on Sunday, December 27th, 2009 at 8:45 am and is filed under Internet Development. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.